diff options
| author | Minteck <contact@minteck.org> | 2022-10-18 08:59:09 +0200 |
|---|---|---|
| committer | Minteck <contact@minteck.org> | 2022-10-18 08:59:09 +0200 |
| commit | 2c4ae43e688a9873e86211ea0e7aeb9ba770dd77 (patch) | |
| tree | 17848d95522dab25d3cdeb9c4a6450e2a234861f /alarm/node_modules/node-forge/tests/nodejs-create-cert.js | |
| parent | 108525534c28013cfe1897c30e4565f9893f3766 (diff) | |
| download | pluralconnect-2c4ae43e688a9873e86211ea0e7aeb9ba770dd77.tar.gz pluralconnect-2c4ae43e688a9873e86211ea0e7aeb9ba770dd77.tar.bz2 pluralconnect-2c4ae43e688a9873e86211ea0e7aeb9ba770dd77.zip | |
Update
Diffstat (limited to 'alarm/node_modules/node-forge/tests/nodejs-create-cert.js')
| -rw-r--r-- | alarm/node_modules/node-forge/tests/nodejs-create-cert.js | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/alarm/node_modules/node-forge/tests/nodejs-create-cert.js b/alarm/node_modules/node-forge/tests/nodejs-create-cert.js new file mode 100644 index 0000000..d1666eb --- /dev/null +++ b/alarm/node_modules/node-forge/tests/nodejs-create-cert.js @@ -0,0 +1,110 @@ +var forge = require('../js/forge'); + +console.log('Generating 1024-bit key-pair...'); +var keys = forge.pki.rsa.generateKeyPair(1024); +console.log('Key-pair created.'); + +console.log('Creating self-signed certificate...'); +var cert = forge.pki.createCertificate(); +cert.publicKey = keys.publicKey; +cert.serialNumber = '01'; +cert.validity.notBefore = new Date(); +cert.validity.notAfter = new Date(); +cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1); +var attrs = [{ + name: 'commonName', + value: 'example.org' +}, { + name: 'countryName', + value: 'US' +}, { + shortName: 'ST', + value: 'Virginia' +}, { + name: 'localityName', + value: 'Blacksburg' +}, { + name: 'organizationName', + value: 'Test' +}, { + shortName: 'OU', + value: 'Test' +}]; +cert.setSubject(attrs); +cert.setIssuer(attrs); +cert.setExtensions([{ + name: 'basicConstraints', + cA: true/*, + pathLenConstraint: 4*/ +}, { + name: 'keyUsage', + keyCertSign: true, + digitalSignature: true, + nonRepudiation: true, + keyEncipherment: true, + dataEncipherment: true +}, { + name: 'extKeyUsage', + serverAuth: true, + clientAuth: true, + codeSigning: true, + emailProtection: true, + timeStamping: true +}, { + name: 'nsCertType', + client: true, + server: true, + email: true, + objsign: true, + sslCA: true, + emailCA: true, + objCA: true +}, { + name: 'subjectAltName', + altNames: [{ + type: 6, // URI + value: 'http://example.org/webid#me' + }, { + type: 7, // IP + ip: '127.0.0.1' + }] +}, { + name: 'subjectKeyIdentifier' +}]); +// FIXME: add authorityKeyIdentifier extension + +// self-sign certificate +cert.sign(keys.privateKey/*, forge.md.sha256.create()*/); +console.log('Certificate created.'); + +// PEM-format keys and cert +var pem = { + privateKey: forge.pki.privateKeyToPem(keys.privateKey), + publicKey: forge.pki.publicKeyToPem(keys.publicKey), + certificate: forge.pki.certificateToPem(cert) +}; + +console.log('\nKey-Pair:'); +console.log(pem.privateKey); +console.log(pem.publicKey); + +console.log('\nCertificate:'); +console.log(pem.certificate); + +// verify certificate +var caStore = forge.pki.createCaStore(); +caStore.addCertificate(cert); +try { + forge.pki.verifyCertificateChain(caStore, [cert], + function(vfd, depth, chain) { + if(vfd === true) { + console.log('SubjectKeyIdentifier verified: ' + + cert.verifySubjectKeyIdentifier()); + console.log('Certificate verified.'); + } + return true; + }); +} catch(ex) { + console.log('Certificate verification failure: ' + + JSON.stringify(ex, null, 2)); +} |